
FTP SERVICES

• FTP Servers
• FTP server software consists of an FTP daemon and configuration files.
• The daemon is a program that continuously checks for FTP requests from remote users.
• When a request is received, it manages a login, sets up the connection to the requested user account, and executes any FTP commands the remote user sends.
• For anonymous FTP access, the FTP daemon allows the remote user to log in to the FTP account using anonymous or ftp as the username.
• The user then has access to the directories and files set up for the FTP account.
• As a further security measure, however, the daemon changes the root directory for that session to be the FTP home directory.
• This hides the rest of the system from the remote user.
• A user logging in with anonymous FTP can see only the FTP home directory and its subdirectories.
• The remainder of the system is hidden from that user.
• This effect is achieved by the chroot operation that literally changes the system root directory for that user to that of the FTP directory.
• Available Servers:
• Several FTP servers are available for use on Linux systems.
• Three of the more common servers include:
  • vsftpd
  • Pure-FTPd
  • ProFTPD
• FTP Users
• Normal users with accounts on an FTP server can gain full FTP access simply by logging into their accounts.
• Users can also log in as anonymous users, allowing anyone on the network or Internet to access files on an FTP server.
• Anonymous FTP: vsftpd
• An anonymous FTP site is essentially a special kind of user on your system with publicly accessible directories and files in its home directory.
• The anonymous FTP files and directories can be configured in such a way that the rest of the file system is hidden from them and remote users are given only read access.
• You must also modify the entry for this account in your /etc/passwd file to prevent normal user access to it.
• The following is the entry you find in your /etc/passwd file that sets up an FTP login as an anonymous user:

    ftp:x:14:50:FTP User:/var/ftp:
• The x in the password field blocks the account, which prevents any other users from gaining access to it, thereby gaining control over its files or access to other parts of your system.
• The user ID, 14, is a unique ID. The comment field is FTP User.
• The login directory is /var/ftp.
• Creating New FTP Users:
• If you are creating virtual FTP hosts, you will need to create an FTP user for each one, along with its directories.
• For example, to create an FTP server for a host1-ftp host, you create a host1-ftp user with its own directory.

    useradd -d /var/host1-ftp host1-ftp

• This creates a user such as that described here:

    host1-ftp:x:14:50:FTP User:/var/host1-ftp:
• You also need to create the corresponding home directory, /var/host1-ftp in this example, and set its permissions to give users restricted access.

    mkdir /var/host1-ftp
    chmod 755 /var/host1-ftp

• In addition, you need to make sure that the root user owns the directory, not the new FTP users.
• This gives control of the directory only to the root user, not to any user that logs in.

    chown root:root /var/host1-ftp
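
A check for the directory rules above, written as an added example (not part of the original slides): it confirms that an FTP root such as /var/host1-ftp is owned by the expected UID and is not group- or other-writable. The function name check_ftp_root is hypothetical, and GNU stat is assumed.

```sh
# Added example: audit an FTP root directory against the ownership and
# mode rules described above. Assumes GNU stat (coreutils).

# check_ftp_root DIR [OWNER_UID]
# Prints one line per problem; returns 0 when DIR passes, 1 otherwise.
# OWNER_UID defaults to 0 (root), matching the chown step above.
check_ftp_root() {
    dir=$1
    want_uid=${2:-0}
    rc=0

    # A symlink or a plain file is not an acceptable FTP root.
    if [ ! -d "$dir" ] || [ -L "$dir" ]; then
        echo "$dir: not a real directory"
        return 1
    fi

    uid=$(stat -c '%u' "$dir")     # numeric owner
    mode=$(stat -c '%a' "$dir")    # octal mode, e.g. 755

    if [ "$uid" != "$want_uid" ]; then
        echo "$dir: owned by uid $uid, expected uid $want_uid"
        rc=1
    fi

    # Bits 022 are group-write and other-write. With either set, an
    # account other than the owner can change the top of the FTP tree.
    if [ $(( 0$mode & 022 )) -ne 0 ]; then
        echo "$dir: mode $mode is group- or other-writable"
        rc=1
    fi
    return $rc
}
```

After the chown step, `check_ftp_root /var/host1-ftp` prints nothing and returns 0 when the directory matches the settings above.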
• The Very Secure FTP Server
• The Very Secure FTP Server (vsftpd) is small, fast, easy, and secure.
• It is designed to:
  • Avoid the overhead of large FTP server applications like ProFTPD
  • Maintain a very high level of security
  • Handle a very large workload, managing high traffic levels
• Running vsftpd
• The Very Secure FTP Server’s daemon is named vsftpd.
• It is designed to be run as a standalone server, which can be started and stopped using the /etc/rc.d/init.d/vsftpd server script.
• Configuring vsftpd
• You configure vsftpd using one configuration file, vsftpd.conf.
• It is installed in the /etc or /etc/vsftpd directory.
• To run vsftpd as a standalone server, you set the listen option to YES.
• Thus, it continually listens on its assigned port for requests.
• You can specify the port it listens on with the listen_port option.

    listen=YES
• Enabling Login Access:
• Here, anonymous FTP is enabled by assigning the YES value to the anonymous_enable option.
• The local_enable option allows local users on your system to use the FTP server.

    # Allow anonymous FTP?
    anonymous_enable=YES
    # Uncomment this to allow local
    # users to log in.
    local_enable=YES
• Local User Permissions:
• If you want to allow local users to create, rename, and delete files and directories on their account, you have to enable write access with the write_enable option.

    write_enable=YES
[Table: Configuration Options for vsftpd.conf]

• Anonymous User Permissions
• You can also allow anonymous users to upload and delete files, as well as create or remove directories.
• Uploading by anonymous users is enabled with the anon_upload_enable option.
• To let anonymous users also rename or delete their files, you set the anon_other_write_enable option.
• To let them create directories, you set the anon_mkdir_write_enable option.

    anon_upload_enable=YES
    anon_other_write_enable=YES
    anon_mkdir_write_enable=YES
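
An added example, not taken from the original slides or from the vsftpd project: a shell audit that reads a vsftpd.conf and reports when the anonymous write options above are switched on. The function names and the sample file are constructed for illustration; it relies on vsftpd's documented defaults (anonymous_enable is YES, the write options are NO).

```sh
# Added example: report anonymous write access in a vsftpd.conf.

# conf_on FILE OPTION DEFAULT -> exit 0 if OPTION is effectively on.
# The last uncommented "option=value" line wins; DEFAULT is used when
# the option is absent. TRUE and 1 are treated like YES.
conf_on() {
    v=$(awk -v key="$2" -v val="$3" '
        /^#/ { next }
        index($0, key "=") == 1 {
            val = substr($0, length(key) + 2)
            sub(/[ \t\r]+$/, "", val)
        }
        END { print toupper(val) }' "$1")
    case $v in YES|TRUE|1) return 0 ;; *) return 1 ;; esac
}

# anon_write_findings FILE
# Prints every anonymous write option that is on. Returns 1 when at
# least one is on and anonymous logins are enabled, else 0.
anon_write_findings() {
    found=0
    # vsftpd's built-in default for anonymous_enable is YES.
    conf_on "$1" anonymous_enable YES || return 0
    for opt in anon_upload_enable anon_other_write_enable \
               anon_mkdir_write_enable; do
        if conf_on "$1" "$opt" NO; then
            echo "$opt is on"
            found=1
        fi
    done
    # Write commands are refused globally unless write_enable=YES.
    if [ "$found" -eq 1 ] && ! conf_on "$1" write_enable NO; then
        echo "write_enable is off: the options above are not yet effective"
    fi
    return "$found"
}

# Constructed sample: the settings shown in this section.
sample_conf() {
    printf '%s\n' 'listen=YES' '# Allow anonymous FTP?' \
        'anonymous_enable=YES' 'local_enable=YES' 'write_enable=YES' \
        'anon_upload_enable=YES' 'anon_other_write_enable=YES' \
        'anon_mkdir_write_enable=YES'
}

# Demo on the constructed sample.
tmp=$(mktemp) && sample_conf > "$tmp"
anon_write_findings "$tmp" || echo "anonymous write access found"
rm -f "$tmp"
```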
